Community discussions

 
safiullahtariq
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 81
Joined: Sun Apr 06, 2014 9:21 pm
Location: Lahore Pakistan

NAT or Virtual Server.

Mon May 12, 2014 11:31 pm

Hello All,

I have a TP-Link AC1750 ADSL2+ Modem Router which is connected to RB-750GL Mikrotik and all the other computers are connected to that Mikrotik (via switch). I have a simple question, there is a webserver connected to Mikrotik and I created a virtual server in the ADSL router, but i am not able to reach the webserver from the internet.

The IP of the ADSL router is 192.168.1.1 and Mikrotik router IP is 192.168.0.1 (Mikrotik is also running DHCP for computers).

Do I have to open ports with the IP of the webserver (which is 192.168.0.98) in ADSL and Mikrotik router ?

Any advice ?

Regards,
Safi
 
jkarras
Member Candidate
Member Candidate
Posts: 224
Joined: Fri Sep 06, 2013 3:07 am
Location: Utah, USA

Re: NAT or Virtual Server.

Wed May 14, 2014 4:15 am

If you are doing double NAT yes you need to open the port on both.
 
Rudios
Forum Veteran
Forum Veteran
Posts: 966
Joined: Mon Mar 11, 2013 12:58 pm
Location: The Netherlands

Re: NAT or Virtual Server.

Wed May 14, 2014 8:37 am

What IP did you set on the Virtual Server of the Router/Modem.
I assume you put the IP of the MikroTik, which should be something like 192.168.1.x
On the MT you should then create a NAT rule like

ros code

/ip firewall nat
add chain=dstnat action=dst-nat in-interface=<interface facing modem> dst-address=<ip of mt at modem segment> protocol=tcp dst-port=80 to-address=192.168.0.98 to-ports=80
On the ohter hand, I looked at the manual of the router you could also put in the IP address of the sever itself directly.
But in that case you have to create a static route for that IP to forward the traffic to the routerboard.
Also looked it up in the manual and there is an entry where you can specify a static route.
Create a route for the IP of the server only, or if you want for the complete 192.168.0.0 network.
In any case forward the traffic to the IP address of the routerboard in the 192.168.1.0 range.
Testing setup with: 2 x RB750UP | 2 x RB750GL | 1 x RB951G-2HnD | 1 x RB2011UiAS-IN
 
safiullahtariq
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 81
Joined: Sun Apr 06, 2014 9:21 pm
Location: Lahore Pakistan

Re: NAT or Virtual Server.

Fri May 16, 2014 12:49 am

Thank you for your help.

I did was required. I was even able to connect to my xmpp server from the internet.

Ill tell everyhting what I did. What i did was that I changed some settings, I changed the Mikrotik IP to 192.168.0.60 on ether port 1 and 192.168.2.1 to ethernet port 2.

In the TP-Link ADSL router I created a static route, Destination: 192.168.2.0, Gateway: 192.168.0.60. Created a virtual server: 192.168.0.60, ports opened : 5222-5223 (for xmpp chat server).

In Mikrotik, I added the following settings in the ip/firewall/nat section

chain=dstnat action=netmap to-addresses=192.168.2.10 to-ports=5222-5223 protocol=tcp dst-address=192.168.0.60 dst-port=5222

Thank you both for your reply. It has helped me alot. Took a while for me to do this. But i finally figured it out.
im very happy :) :)

Best Regards,

Safi
 
Rudios
Forum Veteran
Forum Veteran
Posts: 966
Joined: Mon Mar 11, 2013 12:58 pm
Location: The Netherlands

Re: NAT or Virtual Server.

Fri May 16, 2014 1:08 am

Glad to hear you managed!
My only remark is that since the TP link can route to the webserver behind the mikrotik, you could put the ip of the webserver as virtual server and drop the nat rule.
Probably you also have a masquerade rule which then need to be deleted.
Testing setup with: 2 x RB750UP | 2 x RB750GL | 1 x RB951G-2HnD | 1 x RB2011UiAS-IN
 
safiullahtariq
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 81
Joined: Sun Apr 06, 2014 9:21 pm
Location: Lahore Pakistan

Re: NAT or Virtual Server.

Fri May 16, 2014 9:24 pm

Unfortunately, got another task on my back now :( :( :(

This chat server was placed in the office and now the management wants to move this CHAT server (of which i have done the settings) to another place, which is wirelessly connected to the office. (feeling pity for myself as this is another exercise for me).

Please help me and correct me if I am wrong.

An ethernet port of the router has an IP 192.168.1.10 and it is a part of a vlan, connected to the wireless device making a ptp link with the other wireless device. And on the other side, another Mikrotik router is placed, whose 1 ethernet port has an IP 192.168.1.20. The other port of the IP has an address 192.168.2.10 and via this link, these two sites are connected.

Will it be possible that the Chat server be placed at the remote site. If I open the ports and create virtual servers in TP-link modem-router and then net-mat/masquerade the ports and IP on the remote site, will I be able to access the chat server from the internet? (As far as I think I will be able to do that, but I dont have any experience as such so I am quite unsure).

Do you have any guidelines for me?... Your opinion advices are required and will be very helpful.

Best Regards,

Safi

Who is online

Users browsing this forum: Google [Bot], MSN [Bot] and 72 guests